package com.wxy.ej.nosql.config.resource;

import io.micrometer.core.instrument.util.IOUtils;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.io.ClassPathResource;
import org.springframework.security.oauth2.provider.token.TokenStore;
import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;
import org.springframework.security.oauth2.provider.token.store.JwtTokenStore;

import java.io.IOException;
import java.nio.charset.Charset;

@Configuration
public class JwtTokenConfig {

//    private static KeyPair KEY_PAIR;
//
//    //此处只有在授权服务器和资源服务器在一起的时候才能这样搞，实际使用RSA还是需要用JDK和openssl去生成证书
//    static {
//        try {
//            KEY_PAIR = KeyPairGenerator.getInstance("RSA").generateKeyPair();
//        } catch (NoSuchAlgorithmException e) {
//            e.printStackTrace();
//        }
//    }

    // JWT 签名秘钥
    //private static final String SIGNING_KEY = "mengxuegu-key";


    @Bean
    public TokenStore jwtTokenStore() {
        return new JwtTokenStore(jwtAccessTokenConverter());
    }

    @Bean
    public JwtAccessTokenConverter jwtAccessTokenConverter() {
        JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
        ClassPathResource classPathResource = new ClassPathResource("oauth2.public");
        String publicKey = null;
        try {
            publicKey= IOUtils.toString(classPathResource.getInputStream(), Charset.forName("UTF-8"));
            //System.out.println("publicKey:" + publicKey);
        } catch (IOException e) {
            e.printStackTrace();
        }
        converter.setVerifierKey(publicKey);
        return converter;

        //accessTokenConverter.setKeyPair(KEY_PAIR);
        //accessTokenConverter.setSigningKey(SIGNING_KEY);
    }

    /*@Bean
    public ResourceServerTokenServices resourceJwtTokenServices() {
        final DefaultTokenServices defaultTokenServices = new DefaultTokenServices();
        // 使用自定义的Token转换器
        defaultTokenServices.setTokenEnhancer(jwtAccessTokenConverter());
        // 使用自定义的tokenStore
        defaultTokenServices.setTokenStore(jwtTokenStore());
        return defaultTokenServices;
    }

    *//**
     * token信息扩展
     *//*
    @Bean
    public TokenEnhancer jwtTokenEnhancer() {
        return new TokenEnhancer() {
            @Override
            public OAuth2AccessToken enhance(OAuth2AccessToken accessToken, OAuth2Authentication authentication) {
                Authentication userAuthentication = authentication.getUserAuthentication();
                if (userAuthentication != null) {
                    String userName = userAuthentication.getName();
                    A2UserDto userDto = menuService.getUserByLoginname(userName);
                    Map<String, Object> additionalInformation = new HashMap<>();
                    Map<String, String> map = new HashMap<>();
                    map.put("account", userDto.getLoginName());
                    map.put("createTime", userDto.getCreateDate().toString());
                    map.put("state", String.valueOf(userDto.getDeleteFlag()==0? true: false));
                    additionalInformation.put("user", new Gson().toJson(map));
                    ((DefaultOAuth2AccessToken) accessToken).setAdditionalInformation(additionalInformation);
                }
                return accessToken;
            }
        };
    }*/
}
